package com.fang.security.controller;

import com.fang.security.common.result.JsonResult;
import com.fang.security.entity.DO.SysUser;
import com.fang.security.service.SysUserService;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * @Author: Hutengfei
 * @Description:
 * @Date Create in 2019/8/28 19:34
 */
@RestController
public class UserController {
    @Resource
    SysUserService sysUserService;

    @GetMapping("/getUser")
    @PreAuthorize("hasPermission('query_user','sys:user:info')")
    public JsonResult getUser() {
        List<SysUser> users = sysUserService.list();
        return JsonResult.success(users);
    }

    @GetMapping("/testUser")
    @PreAuthorize("hasPermission('testUser','query_user')")// hasPermission()方法必须传最少两个参数
    public JsonResult testUser() {
        List<SysUser> users = sysUserService.list();
        return JsonResult.success(users);
    }

    /**
     * 用户端信息
     * @Author Sans
     * @CreateTime 2019/10/2 14:52
     * @Return Map<String, Object> 返回数据MAP
     */
    @RequestMapping(value = "/info", method = RequestMethod.GET)
    public JsonResult userLogin() {
        Map<String, Object> result = new HashMap<>();
        SysUser userDetails = (SysUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        result.put("title", "用户端信息");
        result.put("data", userDetails);
        return JsonResult.success(result);
    }

    /**
     * 拥有USER角色和sys:user:info权限可以访问
     * @author Sans
     * @createTime 2019/10/2 14:22
     * @return Map<String, Object> 返回数据MAP
     */
    @PreAuthorize("hasRole('USER') and hasPermission('/user/menuList','sys:user:info')")
    @RequestMapping(value = "/menuList", method = RequestMethod.GET)
    public JsonResult sysMenuEntity() {
        Map<String, Object> result = new HashMap<>();
        result.put("title", "拥有USER角色和sys:user:info权限可以访问");
        result.put("data", null);
        return JsonResult.success(result);
    }


}
